How secure is my data if
it’s in the cloud

Multiple levels of both physical and virtual security ensure the protection of your data is our top priority including measures to protect from cryptolockers and ransomware.

More Information

I don’t have a comprehensive backup and disaster
recovery strategy

DC Two are Gold cloud partners with Veeam® the market leaders in backup and disaster recovery solutions

More Information

Latest News

3rd July: Letter from the MD: Looking Forward, Looking Back Read more

Urgent DC Two Security Update: Protect Your Business from the Impact of the CryptoLocker or Similar Ransomware Virus

10th March 2020

Back to news index page
Secure your business from crypto lockers and ransom ware
Cryptolockers and ransomware can be crippling for any business

Threat

CryptoLocker is not a new virus threat. It has been around for several years and is a well-known and documented potentially devastating business threat. In the words of the Australian Cyber Security Centre (ACSC https://www.cyber.gov.au/)

CryptoLocker is "A particularly malicious type of ransomware which, once installed on your computer, encrypts and locks all of the files on the infected computer. A pop-up window will then display on the computer screen requesting payment of a ransom in return for a key to unlock the encrypted files. Paying the ransom does not guarantee removal."

Impact and Solution

If your IT infrastructure falls to ‘CryptoLocker’ your entire business will lose access to every aspect of your day to day systems. That means employees unable to work, sales unable to happen, receipts or bills unable to process; culminating potentially in brand damage, loss of reputation leading to significant ‘recovery’ expenditure.

Having the correct defensive IT security procedures to prevent infection are well known and implementable. However, threat vectors from these viruses evolve as the bad actors behind them try to circumvent the current protective strategies.

To counter this, DC Two continually evolve and monitor these threats to ensure our partners and customers IT systems and infrastructure are best protected with a Crypto Failsafe approach to ensure the best possible systems for prevention and recovery.

Recent Real World CryptoLocker Attack

Recently our security team had to provide emergency assistance to an Australian based multi-national IT service provider who had both their internal and entire client networks locked down, this included both live and backup server infrastructure. In this case, many of the known defensive strategies were not fully implemented (due to a combination of factors including lack of best practice knowledge regarding systems being used, decisions made based on cost and to a certain extent complacency as to impact potential). This has resulted in potentially devastating financial impact for those infected businesses.

Impacted Business IT & Procedural Set Up Vs DC Two Crypto Failsafe Recommended

Actual Impacted Business IT & Procedural Set Up
DC Two Crypto Failsafe Recommended IT & Procedural Set Up
Uncontrolled management of multiple OS on Servers and Desktops
OS standardization. 24-48 hour OS patching and monitoring to resist latest threats
Office 365 hosted on Azure – backup option not selected
Backups deployed for All Services – Cannot opt out
Limited systems backup strategy
Backup strategy including both offsite and offline daily backup and replication
No email content scanning
Anti-Virus & content filtering / sandboxing
Shared network which included backup servers
Network segmentation & segregation to firstly isolate and secondly slow down attack impact
Limited user education of best security practices
Regular and updated staff training and best practice education for threat awareness
Shared Security Appliance for all clients (Physical)
Every client has dedicated front end Virtual Security Appliance
Many Administrators and Full Access Users
Restrict admin privileges based on staff duties
Applications installed and managed in an uncontrolled open system
Application White listing – Approved / trusted programs only
Insufficient Disaster Recovery plan, combined with the security threat weaknesses extended the recovery period by multiple days. Significant cost implications for business – Lost revenue, staff costs, emergency IT recovery costs
DC Two Crypto Failsafe implementation combined with comprehensive Disaster Recovery plan significantly improves recovery time and limits costs incurred

DC Two can assist you in auditing your IT infrastructure and provide guidance and options to implement a Crypto Failsafe set up. With the appropriate procedures, network topology, education and planning not only will your IT infrastructure be best protected from infection, it will also be more resilient. Recovery from problems will counted in minutes or hours as opposed to days.

Protect your business from Crypto lockers and Ransomware
Protect your business with a properly implemented security plan

For more information on how to prevent CryptoLocker as well as crypto safe backups contact DC Two.

Communication preferences

Testimonials

Paradigm Technologies has been working with John and the team at DC Two for the past 2 years. They have been instrumental in allowing us to establish 'cloud' offerings for our clients. We now have a number of customers whose core data and server infrastructure is located on the DC Two platform.

The simple and competitive pricing model they use makes quoting and billing a breeze. Nothing is too much trouble for them and no matter the problem or requirement, DC Two will find a way.

- Nick Dimitrijevich and Andrew Rosen, Directors, Paradigm Technologies